1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <stdint.h>
29 #include <errno.h>
30
31 #include "brssl.h"
32 #include "bearssl.h"
33
34 static private_key *
decode_key(const unsigned char * buf,size_t len)35 decode_key(const unsigned char *buf, size_t len)
36 {
37 br_skey_decoder_context dc;
38 int err;
39 private_key *sk;
40
41 br_skey_decoder_init(&dc);
42 br_skey_decoder_push(&dc, buf, len);
43 err = br_skey_decoder_last_error(&dc);
44 if (err != 0) {
45 const char *errname, *errmsg;
46
47 fprintf(stderr, "ERROR (decoding): err=%d\n", err);
48 errname = find_error_name(err, &errmsg);
49 if (errname != NULL) {
50 fprintf(stderr, " %s: %s\n", errname, errmsg);
51 } else {
52 fprintf(stderr, " (unknown)\n");
53 }
54 return NULL;
55 }
56 switch (br_skey_decoder_key_type(&dc)) {
57 const br_rsa_private_key *rk;
58 const br_ec_private_key *ek;
59
60 case BR_KEYTYPE_RSA:
61 rk = br_skey_decoder_get_rsa(&dc);
62 sk = xmalloc(sizeof *sk);
63 sk->key_type = BR_KEYTYPE_RSA;
64 sk->key.rsa.n_bitlen = rk->n_bitlen;
65 sk->key.rsa.p = xblobdup(rk->p, rk->plen);
66 sk->key.rsa.plen = rk->plen;
67 sk->key.rsa.q = xblobdup(rk->q, rk->qlen);
68 sk->key.rsa.qlen = rk->qlen;
69 sk->key.rsa.dp = xblobdup(rk->dp, rk->dplen);
70 sk->key.rsa.dplen = rk->dplen;
71 sk->key.rsa.dq = xblobdup(rk->dq, rk->dqlen);
72 sk->key.rsa.dqlen = rk->dqlen;
73 sk->key.rsa.iq = xblobdup(rk->iq, rk->iqlen);
74 sk->key.rsa.iqlen = rk->iqlen;
75 break;
76
77 case BR_KEYTYPE_EC:
78 ek = br_skey_decoder_get_ec(&dc);
79 sk = xmalloc(sizeof *sk);
80 sk->key_type = BR_KEYTYPE_EC;
81 sk->key.ec.curve = ek->curve;
82 sk->key.ec.x = xblobdup(ek->x, ek->xlen);
83 sk->key.ec.xlen = ek->xlen;
84 break;
85
86 default:
87 fprintf(stderr, "Unknown key type: %d\n",
88 br_skey_decoder_key_type(&dc));
89 sk = NULL;
90 break;
91 }
92
93 return sk;
94 }
95
96 /* see brssl.h */
97 private_key *
read_private_key(const char * fname)98 read_private_key(const char *fname)
99 {
100 unsigned char *buf;
101 size_t len;
102 private_key *sk;
103 pem_object *pos;
104 size_t num, u;
105
106 buf = NULL;
107 pos = NULL;
108 sk = NULL;
109 buf = read_file(fname, &len);
110 if (buf == NULL) {
111 goto deckey_exit;
112 }
113 if (looks_like_DER(buf, len)) {
114 sk = decode_key(buf, len);
115 goto deckey_exit;
116 } else {
117 pos = decode_pem(buf, len, &num);
118 if (pos == NULL) {
119 goto deckey_exit;
120 }
121 for (u = 0; pos[u].name; u ++) {
122 const char *name;
123
124 name = pos[u].name;
125 if (eqstr(name, "RSA PRIVATE KEY")
126 || eqstr(name, "EC PRIVATE KEY")
127 || eqstr(name, "PRIVATE KEY"))
128 {
129 sk = decode_key(pos[u].data, pos[u].data_len);
130 goto deckey_exit;
131 }
132 }
133 fprintf(stderr, "ERROR: no private key in file '%s'\n", fname);
134 goto deckey_exit;
135 }
136
137 deckey_exit:
138 if (buf != NULL) {
139 xfree(buf);
140 }
141 if (pos != NULL) {
142 for (u = 0; pos[u].name; u ++) {
143 free_pem_object_contents(&pos[u]);
144 }
145 xfree(pos);
146 }
147 return sk;
148 }
149
150 /* see brssl.h */
151 void
free_private_key(private_key * sk)152 free_private_key(private_key *sk)
153 {
154 if (sk == NULL) {
155 return;
156 }
157 switch (sk->key_type) {
158 case BR_KEYTYPE_RSA:
159 xfree(sk->key.rsa.p);
160 xfree(sk->key.rsa.q);
161 xfree(sk->key.rsa.dp);
162 xfree(sk->key.rsa.dq);
163 xfree(sk->key.rsa.iq);
164 break;
165 case BR_KEYTYPE_EC:
166 xfree(sk->key.ec.x);
167 break;
168 }
169 xfree(sk);
170 }
171
172 /*
173 * OID for hash functions in RSA signatures.
174 */
175 static const unsigned char HASH_OID_SHA1[] = {
176 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A
177 };
178
179 static const unsigned char HASH_OID_SHA224[] = {
180 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04
181 };
182
183 static const unsigned char HASH_OID_SHA256[] = {
184 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
185 };
186
187 static const unsigned char HASH_OID_SHA384[] = {
188 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
189 };
190
191 static const unsigned char HASH_OID_SHA512[] = {
192 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
193 };
194
195 static const unsigned char *HASH_OID[] = {
196 HASH_OID_SHA1,
197 HASH_OID_SHA224,
198 HASH_OID_SHA256,
199 HASH_OID_SHA384,
200 HASH_OID_SHA512
201 };
202
203 /* see brssl.h */
204 const unsigned char *
get_hash_oid(int id)205 get_hash_oid(int id)
206 {
207 if (id >= 2 && id <= 6) {
208 return HASH_OID[id - 2];
209 } else {
210 return NULL;
211 }
212 }
213
214 /* see brssl.h */
215 const br_hash_class *
get_hash_impl(int hash_id)216 get_hash_impl(int hash_id)
217 {
218 size_t u;
219
220 if (hash_id == 0) {
221 return &br_md5sha1_vtable;
222 }
223 for (u = 0; hash_functions[u].name; u ++) {
224 const br_hash_class *hc;
225 int id;
226
227 hc = hash_functions[u].hclass;
228 id = (hc->desc >> BR_HASHDESC_ID_OFF) & BR_HASHDESC_ID_MASK;
229 if (id == hash_id) {
230 return hc;
231 }
232 }
233 return NULL;
234 }
235